本文介绍了如何配置DNS服务器的主从同步和反向解析,包括使用host和nslookup命令查询DNS记录,创建反向解析区域文件,设置主从DNS同步,并通过 rndc 命令管理DNS服务。详细步骤涵盖了从区域文件编辑到验证解析的全过程。
1.关于host命令
host -t NS example.com 172.20.0.131解析名称空间服务。host -t MX example.com 172.20.0.131解析邮件服务。
[root@lab1 named]# host -t NS example.com 172.20.0.131
Using domain server:
Name: 172.20.0.131
Address: 172.20.0.131#53
Aliases:
example.com name server ns1.example.com.
example.com name server ns2.example.com.
[root@lab1 named]# host -t MX example.com 172.20.0.131
Using domain server:
Name: 172.20.0.131
Address: 172.20.0.131#53
Aliases:
example.com mail is handled by 10 mx1.example.com.
example.com mail is handled by 20 mx2.example.com.
2.关于nslookup命令
nslookup进入交互式命令界面。server 172.20.0.131设定解析主机。set q=A设置要查询的解析类型。www.example.com要查询的解析域名。set q=NS设置要查询的解析类型。example.com要查询的解析域名。
[root@lab1 named]# nslookup
> server 172.20.0.131
Default server: 172.20.0.131
Address: 172.20.0.131#53
> set q=A
> www.example.com
Server: 172.20.0.131
Address: 172.20.0.131#53
Name: www.example.com
Address: 172.20.0.131
Name: www.example.com
Address: 172.20.0.132
> set q=NS
> example.com
Server: 172.20.0.131
Address: 172.20.0.131#53
example.com nameserver = ns1.example.com.
example.com nameserver = ns2.example.com.
3.反向解析区域文件
vim -o example.com.zone 172.20.0.zon编辑文件。cat 172.20.0.zone查看文件。vim /etc/named.rfc1912.zones编辑配置文件。 tail -4 /etc/named.rfc1912.zones查看配置文件增加的内容。ll 172.20.0.zone查看配置文件权限和权属。ll 172.20.0.zone修改后确认配置文件权限和权属。named-checkzone "0.20.172.in-addr.arpa" 172.20.0.zone检查区域文件语法。named-checkconf检查主配置文件语法。systemctl reload named重新载入配置。rndc status查看状态信息。host -t PTR 172.20.0.131 172.20.0.131使用host命令进行解析。dig -x 172.20.0.131 @172.20.0.131使用dig命令进行解析。dig -x 172.20.0.132 @172.20.0.131解析其他地址。
[root@lab1 named]# vim -o example.com.zone 172.20.0.zone
2 files to edit
[root@lab1 named]# cat 172.20.0.zone
$TTL 86400
$ORIGIN 0.20.172.in-addr.arpa.
@ IN SOA ns1.example.com. admin.example.com. (
2019011601
1H
5M
7D
1D )
IN NS ns1.example.com.
IN NS ns2.example.com.
131 IN PTR ns1.example.com.
131 IN PTR www.example.com.
132 IN PTR mx1.example.com.
132 IN PTR www.example.com.
133 IN PTR mx2.example.com.
[root@lab1 named]# vim /etc/named.rfc1912.zones
[root@lab1 named]# tail -4 /etc/named.rfc1912.zones
zone "0.20.172.in-addr.arpa" IN {
type master;
file "172.20.0.zone";
};
[root@lab1 named]# ll 172.20.0.zone
-rw-r--r--. 1 root root 550 Jan 16 05:42 172.20.0.zone
[root@lab1 named]# chmod 640 172.20.0.zone
[root@lab1 named]# chown :named 172.20.0.zone
[root@lab1 named]# ll 172.20.0.zone
-rw-r-----. 1 root named 550 Jan 16 05:42 172.20.0.zone
[root@lab1 named]# named-checkzone "0.20.172.in-addr.arpa" 172.20.0.zone
zone 0.20.172.in-addr.arpa/IN: loaded serial 2019011601
OK
[root@lab1 named]# named-checkconf
[root@lab1 named]# systemctl reload named
[root@lab1 named]# rndc status
version: 9.9.4-RedHat-9.9.4-72.el7 <id:8f9657aa>
CPUs found: 2
worker threads: 2
UDP listeners per interface: 2
number of zones: 103
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
[root@lab1 named]# host -t PTR 172.20.0.131 172.20.0.131
Using domain server:
Name: 172.20.0.131
Address: 172.20.0.131#53
Aliases:
131.0.20.172.in-addr.arpa domain name pointer www.example.com.
131.0.20.172.in-addr.arpa domain name pointer ns1.example.com.
[root@lab1 named]# dig -x 172.20.0.131 @172.20.0.131
; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> -x 172.20.0.131 @172.20.0.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9270
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;131.0.20.172.in-addr.arpa. IN PTR
最低0.47元/天 解锁文章
扫一扫
2190
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
